Mark a VS down when 1 pool member is down

Hi Emilhag,

For this requirement, you dont need to create an irule or sort... Just simply create a monitor as usual, but while creating the monitor, you would see the destination option.

In the destination, give your main pool member detail. So this means, the monitor assigned to the pool will look for this pool member status and mark the other members (including this member) status as Up or Down.

Example:

Members: 1.1.1.1:80, 1.1.1.2:80, 1.1.1.3:80, 1.1.1.4:80

create ltm monitor http  interval 30 timeout 91  recv "Server Up" recv-disable "Server Drain" send "GET /your string" destination 1.1.1.1:80

So here 1.1.1.1:80 acts as the decider...

Hope this helps.

Edited: 19th Feb.

Hi Emilhag,

Sorry I misunderstood your requirement,

So if got your requirement correctly,

• You have 4 pool members.
• You want the VS to be marked down, even if one of the members goes down.

Here, you can try with an external monitor, where you define your own logic and ask the ltm to run commands to disable your virtual.

In the below external monitor, you'd see I have hardcoded 3 parameter,

pool=

your-poolname

minup=

4

virtual=

your-virtualname

So you have to update the below script according to your setup.

!/bin/sh
pidfile="/var/run/$MONITOR_NAME.$1..$2.pid"
 Send signal to the process group to kill our former self and any children
 as external monitors are run with SIGHUP blocked
if [ -f $pidfile ]
then
    kill -9 -`cat $pidfile` > /dev/null 2>&1
fi
echo "$$" > $pidfile

pool=your-poolname
minup=4
virtual=your-virtualname

upmembers=`tmsh show /ltm pool $pool members |grep "Current Active Members" |awk -F" : " '{ print $2 }'`

if [ $upmembers -ge $minup ]
then
    rm -f $pidfile
    state=`tmsh show /ltm virtual $virtual |grep "State" |awk -F" : " '{ print $2 }'`
    if [ $state == "disabled" ]
    then
        logger -p local0.info -t MONITOR-ALERT "Pool $pool Monitor UP - enabling virtual $virtual"
        tmsh modify /ltm virtual $virtual enabled
    fi
    echo "up"
else
    rm -f $pidfile
    state=`tmsh show /ltm virtual $virtual |grep "State" |awk -F" : " '{ print $2 }'`
    if [ $state == "enabled" ]
    then
        logger -p local0.info -t MONITOR-ALERT "Pool $pool Monitor DOWN - disabling virtual $virtual"
        tmsh modify /ltm virtual $virtual disabled
    fi    
    echo "up"
fi

Credits: Kevin Stewart from his original post.

Hello Michael,

The GUI catches most syntax issues when you attempt to create the iRule, so I think you're good there. While your iRule is generating a response that should accurately predict whether or not 4 pool members are up, it is not actually disabling that VS, So traffic will continue on to the same VS. Unless of course you have some sort of routed fail-over based on that response; I'll admit that that's outside my wheelhouse and I can't seem to find any documentation on it.

Looking quickly at the source for your code, it looked like most of the solutions revolved around a monitor on GTM specifically checking the response of the VIP, so that if GTM detected that the F5 was down, it would no longer send traffic to that F5. This is why they implemented that response code solution; GTM is no longer sending traffic to a vs based on the response it got from the VS, down or up. Thus, the VS itself would still accept traffic.

So your troubleshooting depends a little on the architecture of your site. If you have just the LTMs, try looking in to commands to disable the pool members/vs. If you're using a GTM, I would double check whatever status monitor you have in place, and make sure it's listening for the right response code at the right uri. Posting a little more information about your issue might also give people more ideas to help you troubleshoot.

Best of luck,

Austin

I have similar situation, whereby I have 2 members in a pool. I want the pool and VIP to go down if I lose one member. I don't really understand the script above as it is not my forte, could someone break it down into simple terms. I've configured the pools/members/VIPs via the GUI. Do I need to remove and configure via the CLI?

Also I'm using an LDAP monitor therefore there's not an option to use an HTTP monitor. I need to understand the script and where to apply it.

Thanks

There seems to be a less resource-intensive way (for F5) of achieving this:

1. Create as many pool-level health monitors as the pool members, each using an alias IP address representing one pool member;
2. In the "Availability Requirement" field, select "At least", and then enter the minimum number required (e.g. if you have two pool members and you need to set the condition of both being up, enter "2").

Hello JG,

I've tried this using alias IP addresses plus setting the pool availability to 'at least 2', it doesn't appear to work. I forced one of the servers off-line, however the pool still stayed 'up'. I guess forcing the server off line is a suitable test. Once my colleague is available I can ask him to shut down the server, but not sure if this will make any difference. Have you tried this previously?

Apologies for the late reply, I've followed your advice and it's worked. Thanks for the detail,